<?php
include_once("global_funcs.inc.php");
include_once("inc/users.inc.php");
require_once("mod_funcs.php");

// create a database connection
$db = connect_db();

// create an instance of user class
$usr = new user();

if(isset($_POST['checkuser']))
{
    if(isset($_POST['username']))
    {
        $res = array($usr->checkUserExists($_POST['username']),"Checked successfully");
    }
    else
    {
        $res = array(false,"Username missing");
    }
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['adduser']))
{
    if(isset($_POST['username']) && $_POST['username']!="")
    {
        $nameExists = $usr->checkUserExists($_POST['username']);
        if($nameExists)
        {
            // name exists,cant add, so exit
            $res = array(false,"Name already exists");
        }
        else
        {
            if(isset($_POST['passwrd']) && isset($_POST['passwrd2']) && $_POST['passwrd']!="" &&  isset($_POST['email']) )
            {
                $type = null;
                // if type is sent, then use it or choose the default usertype
                if(isset($_POST['type']))
                    $type = $_POST['type'];
                else
                    $type = DEFTYPE;
                
                // Create the array to pass to the addUser method
                $userdata = array(  'uname' => $_POST['username'],
                                    'passwd1' => $_POST['passwrd'],
                                    'passwd2' => $_POST['passwrd2'],
                                    'email' => $_POST['email'],
                                    'type' => $type );
                
                // addUser itself returns the result array
                $res = array($usr->addUser($userdata));
            }
            else
            {
                $res = array(false,"Either of the password or Email is missing");
            }
        }
    }
    else
    {
        $res = array(false,"Username missing");
    }
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['deluser']))
{
    
    if(isset($_POST['username']) && $_POST['username']!="")
    {
        // checks that the user himself or the admin can delete the account
        if($_POST['username'] == $_COOKIE['uname'] || $_COOKIE['admin_allowed'])
        {
            $userExist = $usr->checkUserExists($_POST['username']);
            
            if($userExist)
                $res = $usr->deleteUser($_POST['username']);
            else
                $res = array(false,"Username doesn't exist");
        }
        else
        {
            $res = array(false,"You are not authorized to delete the user");
        }
        
    }
    else
    {
        $res = array(false,"Username missing");
    }
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['changeutype']))
{
    if(isset($_POST['username']) && $_POST['username']!="")
    {
        // checks that only admin is making the changes
        if($_COOKIE['admin_allowed'])
        {
            $userExist = $usr->checkUserExists($_POST['username']);
            
            if($userExist)
                $res = $usr->changeUserType($_POST['username'],$_POST['type']);
            else
                $res = array(false,"Username doesn't exist");
        }
        else
        {
            $res = array(false,"You are not authorized to make that change");
        }
    }
    else
    {
        $res = array(false,"Username missing");
    }
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['fetchdata']))
{
    if(isset($_POST['username']))
    {
        $userExist = $usr->checkUserExists($_POST['username']);
        
        if($userExist)
            $res = array( true, $usr->getUserData($_POST['username']) );
        else
            $res = array(false,"Username doesn't exist");
    }
    else
    {
        $res = array(false,"Username missing");
    }
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['searchdata']))
{
    if(isset($_POST['username']))
    {
        $set = $usr->searchUser($_POST['username'],$_GET['startswith']);
    }
    
    $res_json = json_encode($set);
    echo $res_json;
}

if(isset($_POST['getuserlist']))
{
    if(isAdmin())
    {
        // check for valid start value
        if(isset($_POST['start']))
            $start = $_POST['start'];
        else
            $start = 0;
        
        // check for valid offset
        if(isset($_POST['offset']))
            $offset = $_POST['offset'];
        else
            $offset = 20;
        // fetch the list
        
        $set = $usr->listUsers($start,$offset);
        
        $res_json = json_encode($set);
        echo $res_json;
    }
}

if(isset($_POST['getTotalUsers']))
{
    $res = $usr->getTotalUsers();
    
    $res_json = json_encode($res);
    echo $res_json;
}

if(isset($_POST['getUserType']))
{
    $res = $usr->getUserTypes();
    
    $res_json = json_encode($res);
    echo $res_json;
}
?>
